FortiGate physical appliance

On a physical device, the port1 interface is usually configured with a DHCP server (more on the different services later on) and an IP address of 192.168.1.99.

You will need to connect your computer to that port. You can also configure your computer in the 192.168.1.0 subnet range (give it a static IP address in that range if, for some reason, it does not get an IP address from the port1 interface). Everything you learn in this book applies to both virtual and physical devices.

Let’s Start

 

You can do a lot with your NGFW: simple rules, web filtering, deep SSL inspection of traffic, IPsec tunnels, custom IPS signatures, even using it as a web application firewall. This book focuses on the most-used administration topics, as well as firewall rules, routing, and analyzing sessions.

We will look at the different capabilities using screenshots from my home FortiGate, but let’s start with the basic things you do when you connect through the administrative interface:

  • Set admin profile
  • Set up new interfaces for your LAN
  • Configure firewall address objects for users, machines, or anything else in your LAN that you may need to address
  • Configure a default static route that will allow anyone to get out to the internet through your WAN port
  • Configure your first policy

We will configure the above using the graphical user interface, but we will focus on the command line, which is the best way to get into the advanced stuff.

Once you are connected to your FortiGate for the first time (on one of the available ports), you are the administrator of the machine. You have full root privileges and can do just about anything, from assigning new administrators to configuring your FortiGate firewall, without any limitations.

In the left menu pane, click System > Administrators, choose admin, and click Edit. There you can configure your admin profile (password and name), two-factor authentication, the trusted hosts (IP addresses) that you can connect from, and more.
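The five steps listed above, together with the admin settings just described, written as FortiOS CLI configuration. This is an added example, not taken from the book; the interface names (port2, wan1), the addresses, the object and policy names, and the password placeholder are assumptions to adapt to your own device.

```fortios
# Constructed example: names, addresses and interfaces are assumptions.
# 1. Admin profile: change the password, restrict where admin can log in from
config system admin
    edit "admin"
        set password <new-strong-password>
        set trusthost1 192.168.1.0 255.255.255.0
    next
end

# 2. New LAN interface (assumed here to be port2)
config system interface
    edit "port2"
        set mode static
        set ip 10.0.1.1 255.255.255.0
        set allowaccess ping https ssh
    next
end

# 3. Address object describing the LAN subnet
config firewall address
    edit "LAN_subnet"
        set subnet 10.0.1.0 255.255.255.0
    next
end

# 4. Default static route out of the WAN port (gateway is a documentation address)
config router static
    edit 1
        set dst 0.0.0.0 0.0.0.0
        set gateway 203.0.113.1
        set device "wan1"
    next
end

# 5. First policy: LAN to internet, source NAT on, all sessions logged
config firewall policy
    edit 1
        set name "LAN-to-Internet"
        set srcintf "port2"
        set dstintf "wan1"
        set srcaddr "LAN_subnet"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat enable
        set logtraffic all
    next
end
```

Make sure the trusted-host range includes the address you are managing the device from before you apply it, otherwise the admin account can no longer log in from your computer.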

 

 
